Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin

SmartMove: Convert Cisco ASA Policy to Check Point

Check Point SmartMove tool enables you to convert 3rd party database with firewall security policy and NAT to Check Point database.

At the moment, the tool handles Cisco ASA (version 8.3 and above) configuration file and converts its objects, NAT and firewall policy to a Check Point R80.10 policy. The tool is planned to support additional vendors in the future.

Source is available on GitHub: SmartMove

37 Replies
Durin
Contributor

Same here i did not work.

But it is possible to export rules from ASA admin tool which gives some overview.

0 Kudos
tony1
Explorer

Hi,

Have you solved the issue? I have the same problem with a config from ASA Version 9.6(4)41 using the latest Smartmove version.

Thanks.

 

Regards,

Tony

0 Kudos
Walter_Moran
Participant

Is Cisco Firepower supported for conversion?

0 Kudos
Sanjay_S
Advisor

Hi All,

I am migrating from Fortigate to Checkpoint. I have collected the configuration from one of the VDOMs and run the smart move.

I have the files ready with me now for the import. I see the *.sh for the objects and policies only and can see the NAT rule base with the HTML format only. So while importing how can i import the NAT HTML file?

Also i did not get the policy_opt.sh file is this normal?

In addition, password should not contain $ in it is this correct what i understood?

Please help.

Regards,

Sanjay S

0 Kudos
Ofir_Shikolski
Employee Alumnus
Employee Alumnus

Hi,

It is not normal, this indicate about an issue .

Can you hare with me the Fortinet config file? sc@checkpoint.com

0 Kudos
Sanjay_S
Advisor

Thanks Shikolski,

I can see the NAT rules in the Policy.sh itself. Also imported successfully. In case of further issues with migration will update you.

0 Kudos
Ted_Serreyn
Collaborator

Interested also....

0 Kudos
Mikhail0
Explorer

Hi! I'm trying migrate from PAN OS 8.1.23 with SmartMove, but i have a problem (on screenshot). In debug files i see: 

[07.04.2023 11:05:31] Index and length must refer to a location within the string.
Parameter name: length
at System.String.Substring(Int32 startIndex, Int32 length)
at PaloAltoMigration.PaloAltoConverter.InspectCpScheduleName(CheckPoint_Time cpTime) in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\PaloAltoMigration\PaloAltoConverter.cs:string 2334
at PaloAltoMigration.PaloAltoConverter.<>c__DisplayClass82_0.<ConvertPaVsysEntry>b__0(CheckPoint_Time x) in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\PaloAltoMigration\PaloAltoConverter.cs:string 1595
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at PaloAltoMigration.PaloAltoConverter.ConvertPaVsysEntry(String targetFolderNew, String targetFileNameNew, PA_VsysEntry paVsysEntry, List`1 s_TagEntries, Dictionary`2 s_cpAddressesDict, Dictionary`2 s_cpNetGroupsDict, Dictionary`2 s_cpServicesDict, Dictionary`2 s_paServicesTypesDict, Dictionary`2 s_cpServicesGroupsDict, List`1 s_paAppFiltersList, Dictionary`2 s_cpAppGroupsDict, Dictionary`2 s_cpSchedulesDict) in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\PaloAltoMigration\PaloAltoConverter.cs:string 1592
at PaloAltoMigration.PaloAltoConverter.Convert(Boolean convertNat) in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\PaloAltoMigration\PaloAltoConverter.cs:string 1444
at SmartMove.MainWindow.<>c__DisplayClass91_0.<Go_OnClick>b__0() in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\SmartMove\MainWindow.xaml.cs:string 776
at System.Threading.Tasks.Task`1.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at SmartMove.MainWindow.<Go_OnClick>d__91.MoveNext() in C:\Users\admin\AppData\Local\Jenkins\.jenkins\workspace\SmartMove\SmartMove\MainWindow.xaml.cs:string 776

What is mean? What can i do? 

I was trying with Cisco ASA config – all ok. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events